Synopsis

Description

SPI_execute_with_args executes a
command that might include references to externally supplied
parameters. The command text refers to a parameter as $n, and the call
specifies data types and values for each such symbol. read_only and count
have the same interpretation as in SPI_execute.

The main advantage of this routine compared to SPI_execute is that data values can be inserted
into the command without tedious quoting/escaping, and thus with
much less risk of SQL-injection attacks.

Similar results can be achieved with SPI_prepare followed by SPI_execute_plan; however, when using this
function the query plan is customized to the specific parameter
values provided. For one-time query execution, this function
should be preferred. If the same command is to be executed with
many different parameters, either method might be faster,
depending on the cost of re-planning versus the benefit of custom
plans.

Arguments

const char * command

command string

int nargs

number of input parameters ($1,
$2, etc.)

Oid * argtypes

an array containing the OIDs of the data types of the
parameters

Datum * values

an array of actual parameter values

const char * nulls

an array describing which parameters are null

If nulls is NULL then SPI_execute_with_args assumes that no
parameters are null.

bool read_only

true for read-only
execution

long count

maximum number of rows to return, or 0 for no limit

Return Value

The return value is the same as for SPI_execute.

SPI_processed and SPI_tuptable are set as in SPI_execute if successful.